Hacker News new | past | comments | ask | show | jobs | submit login

The point of my comment is that we should not compare Facebook to Equifax. The latter may have been lax in protecting that data, but the millions of records exposed last year were taken without their consent. Facebook is literally inviting anyone who can sign up for a developer account to harvest their — sorry, our — data at scale.

Right and I'm saying that the broader point is it's legal for these companies, Facebook and Equifax being two of the biggest, to have massive caches of highly invasive personal data and have 0 legal obligation to protect it (they can do anything they want with it). How invasive is it for a company like weatherbug to be selling your location data to the highest bidder simply because you want to check the weather on your phone?

The massive industry that has been built around advertising and personal data trading needs to be regulated.

I agree with you with regard to WeatherBug, but Equifax already cannot just sell your credit data to the highest bidder. Whether there should be more restrictions on how that data can be used is up for debate, but for the most part you can't get a credit report on someone without their explicit consent.

I specifically want to avoid the Equifax comparison because it looms large in people's minds as an example of an intrusion and forceful removal of data, which is not what occurred with Facebook and Cambridge Analytica. We should have better laws around protecting sensitive data from intruders, too, but they won't be the same laws prohibiting companies from selling data they've collected on us. Conflating these problems will not help us solve them.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact